PT-2019-17437 · Sdl+3 · Sdl2 Image+3

Icewall

Published

2019-07-03

Updated

2022-06-27

CVE-2019-5051

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SDL2 image version 2.0.4

Description A heap-based buffer overflow issue exists when loading a PCX file. This is due to a missing error handler, which can lead to a buffer overflow and potential code execution. An attacker can trigger this issue by providing a specially crafted image file.

Recommendations For version 2.0.4, consider disabling the loading of PCX files until a patch is available to prevent potential code execution.

Exploit

Fix

Improper Handling of Exceptional Conditions

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-755CWE-787CWE-390

Related Identifiers

ALT-PU-2021-1289

CVE-2019-5051

DLA-1861-1

DLA-1865-1

MGASA-2019-0364

OPENSUSE-SU-2019:2070-1

OPENSUSE-SU-2019:2108-1

OPENSUSE-SU-2019_2070-1

OPENSUSE-SU-2024:10608-1

USN-4238-1

Affected Products

Alt Linux

Sdl2 Image

Suse

Ubuntu

PT-2019-17437 · Sdl+3 · Sdl2 Image+3

CVE-2019-5051

Weakness Enumeration

Related Identifiers

Affected Products

References · 63